summaryrefslogtreecommitdiff
path: root/selftest
diff options
context:
space:
mode:
authorJoseph Sutton <josephsutton@catalyst.net.nz>2023-03-20 16:58:47 +1300
committerAndrew Bartlett <abartlet@samba.org>2023-03-31 08:29:32 +0000
commite446e5816bdaa3a9ef9d7d78e4b09728c740615f (patch)
tree3d94160a93f72a6de72e17b297b93ab0dbb9934d /selftest
parentc9ff6542006fa999201a90694bff3b0aaff79089 (diff)
downloadsamba-e446e5816bdaa3a9ef9d7d78e4b09728c740615f.tar.gz
s4:kdc: Add support for AD client claims
We now create a client claims blob and add it to the PAC. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Diffstat (limited to 'selftest')
-rw-r--r--selftest/knownfail.d/tokengroups-claims-valid4
-rw-r--r--selftest/knownfail_heimdal_kdc94
-rw-r--r--selftest/knownfail_mit_kdc90
-rw-r--r--selftest/knownfail_mit_kdc_1_2042
-rw-r--r--selftest/knownfail_mit_kdc_pre_1_205
5 files changed, 47 insertions, 188 deletions
diff --git a/selftest/knownfail.d/tokengroups-claims-valid b/selftest/knownfail.d/tokengroups-claims-valid
deleted file mode 100644
index 23cefc93fdf..00000000000
--- a/selftest/knownfail.d/tokengroups-claims-valid
+++ /dev/null
@@ -1,4 +0,0 @@
-^samba4.tokengroups.krb5.python.__main__.DynamicTokenTest.test_pac_groups.ad_dc_default:local
-^samba4.tokengroups.krb5.python.__main__.DynamicTokenTest.test_rootDSE_tokenGroups.ad_dc_default:local
-^samba4.tokengroups.krb5.python.__main__.StaticTokenTest.test_pac_groups.ad_dc_default:local
-^samba4.tokengroups.krb5.python.__main__.StaticTokenTest.test_rootDSE_tokenGroups.ad_dc_default:local
diff --git a/selftest/knownfail_heimdal_kdc b/selftest/knownfail_heimdal_kdc
index 53bec3f17fd..fea48c36e89 100644
--- a/selftest/knownfail_heimdal_kdc
+++ b/selftest/knownfail_heimdal_kdc
@@ -59,107 +59,13 @@
#
# Claims tests
#
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_access_point_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_access_point_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_2.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_2_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_false.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_false_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_true.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_true_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_difference_for_source_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_difference_for_source_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_insensitive_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_insensitive_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_deny_RP.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_deny_RP_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_disabled_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_disabled_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_binary_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_binary_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_incorrect_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_incorrect_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_duplicate_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_duplicate_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_attribute.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_attribute_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_large_compressed_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_large_compressed_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_attribute.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_attribute_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multi_valued_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multi_valued_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multiple_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multiple_claims_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_claims_support_in_pac_options.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_claims_support_in_pac_options_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_value_set.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_value_set_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_any_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_any_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_enabled_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_enabled_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_numeric_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_numeric_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_octet_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_octet_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_2.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_2_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_printable_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_printable_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_simple_AD_sourced_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_simple_AD_sourced_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_string_syntax_duplicate_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_string_syntax_duplicate_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_unhandled_source_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_unhandled_source_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_utc_time_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_utc_time_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_delegation_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_delegation_claims_remove_claims.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_device_claims_device_to_service_no_claims_support_in_pac_options.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_device_claims_device_to_service_no_claims_valid_sid.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_device_claims_device_to_service_no_compound_id.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_claims_delete.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_claims_modify.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_claims_remove_claims_delete.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_claims_remove_claims_modify.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_device_claims_delete.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_device_claims_modify.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_device_claims_remove_claims_delete.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_device_claims_remove_claims_modify.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_remove_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_remove_claims_to_krbtgt.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_to_krbtgt.ad_dc
#
# Group tests
#
diff --git a/selftest/knownfail_mit_kdc b/selftest/knownfail_mit_kdc
index 3ce97bf3f2f..213903fb530 100644
--- a/selftest/knownfail_mit_kdc
+++ b/selftest/knownfail_mit_kdc
@@ -463,92 +463,6 @@ samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_
#
# Claims tests
#
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_access_point_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_access_point_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_2.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_2_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_false.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_false_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_true.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_true_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_difference_for_source_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_difference_for_source_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_insensitive_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_insensitive_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_deny_RP.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_deny_RP_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_disabled_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_disabled_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_binary_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_binary_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_incorrect_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_incorrect_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_duplicate_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_duplicate_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_attribute.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_attribute_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_large_compressed_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_large_compressed_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_attribute.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_attribute_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multi_valued_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multi_valued_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multiple_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multiple_claims_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_claims_support_in_pac_options.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_claims_support_in_pac_options_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_value_set.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_value_set_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_any_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_any_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_class.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_class_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_enabled_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_enabled_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_numeric_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_numeric_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_octet_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_octet_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_2.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_2_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_printable_string_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_printable_string_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_wrong_value_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_wrong_value_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_simple_AD_sourced_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_simple_AD_sourced_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_string_syntax_duplicate_claim.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_string_syntax_duplicate_claim_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_unhandled_source_type.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_unhandled_source_type_to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_utc_time_syntax_invalid_.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_utc_time_syntax_invalid__to_self.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_delegation_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_delegation_claims_remove_claims.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_device_claims_device_to_service_no_claims_support_in_pac_options.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_device_claims_device_to_service_no_claims_valid_sid.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_device_claims_device_to_service_no_compound_id.ad_dc
@@ -560,10 +474,6 @@ samba.tests.krb5.as_canonicalization_tests.samba.tests.krb5.as_canonicalization_
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_device_claims_modify.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_device_claims_remove_claims_delete.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_rodc_issued_device_claims_remove_claims_modify.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_remove_claims.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_remove_claims_to_krbtgt.ad_dc
-^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_tgs_claims_to_krbtgt.ad_dc
#
# Lockout tests
#
diff --git a/selftest/knownfail_mit_kdc_1_20 b/selftest/knownfail_mit_kdc_1_20
index 8ffc22a6198..4338f636f76 100644
--- a/selftest/knownfail_mit_kdc_1_20
+++ b/selftest/knownfail_mit_kdc_1_20
@@ -10,7 +10,49 @@
#
# Claims tests
#
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_access_point_syntax_invalid__to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_2_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_base_class_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_applicable_to_class_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_false_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_true_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_boolean_syntax_wrong_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_difference_for_source_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_case_insensitive_string_syntax_invalid__to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_deny_RP_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_disabled_claim_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_binary_syntax_invalid__to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_dn_string_syntax_wrong_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_incorrect_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_duplicate_claim_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_integer_syntax_wrong_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_attribute_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_invalid_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_large_compressed_claim_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_attribute_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_missing_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multi_valued_claim_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_multiple_claims_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_claims_support_in_pac_options_to_self.ad_dc
^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_claims_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_no_value_set_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_any_class_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_applicable_to_class_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_not_enabled_claim_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_numeric_string_syntax_invalid__to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_octet_string_syntax_invalid__to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_2_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_oid_syntax_wrong_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_printable_string_syntax_invalid__to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_security_descriptor_syntax_wrong_value_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_simple_AD_sourced_claim_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_string_syntax_duplicate_claim_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_unhandled_source_type_to_self.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_claims_utc_time_syntax_invalid__to_self.ad_dc
#
# Group tests
#
diff --git a/selftest/knownfail_mit_kdc_pre_1_20 b/selftest/knownfail_mit_kdc_pre_1_20
index 358c3c20e8e..34de046b646 100644
--- a/selftest/knownfail_mit_kdc_pre_1_20
+++ b/selftest/knownfail_mit_kdc_pre_1_20
@@ -196,3 +196,8 @@ samba.tests.krb5.compatability_tests.samba.tests.krb5.compatability_tests.Simple
^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_rbcd_rodc_issued\(
^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_rbcd_unkeyed_service_checksum\(
^samba.tests.krb5.s4u_tests.samba.tests.krb5.s4u_tests.S4UKerberosTests.test_rbcd_zeroed_service_checksum\(
+#
+# Claims tests
+#
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_delegation_claims.ad_dc
+^samba.tests.krb5.claims_tests.samba.tests.krb5.claims_tests.ClaimsTests.test_delegation_claims_remove_claims.ad_dc
View Lorry Controller Status